CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2018/03/23 12:0 a.m.•1 views

F5 BIG-IP Arbitrary Code Execution Vulnerability (CNVD-2018-07456)

The BIG-IP platform is the intelligent evolution of Application Delivery Controller ADC technology.The BIG-IP system is at the heart of the information flow between applications and users and ensures that the flow of information between applications and users is seamless. The F5 product modules...

9.3CVSS7.9AI score0.02912EPSS

OSV•added 2018/03/22 6:29 p.m.•2 views

CVE-2018-5504

In some circumstances, the Traffic Management Microkernel TMM does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service DoS or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or...

8.1CVSS6.4AI score0.02912EPSS

Prion•added 2018/03/22 6:29 p.m.•16 views

Remote code execution

9.3CVSS8.3AI score0.02912EPSS

Exploits0References2Affected Software13

CNVD•added 2018/03/06 12:0 a.m.•1 views

F5 BIG-IP Kernel Reboot Vulnerability

F5 BIG-IP is an all-in-one network device from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in the F5 BIG-IP. An attacker could exploit this vulnerability to cause the Traffic Management...

7.8CVSS6.8AI score0.00588EPSS

Prion•added 2018/02/06 1:29 p.m.•15 views

Design/Logic Flaw

In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel TMM to produce a core file when it receives malformed URLs during categorization...

4.3CVSS6.6AI score0.00675EPSS

Exploits0References2Affected Software1

OSV•added 2018/02/06 1:29 p.m.•1 views

CVE-2017-6169

6.8CVSS5.8AI score

CNVD•added 2017/12/22 12:0 a.m.•2 views

Multiple F5 Products Service Disruption Vulnerabilities

BIG-IP LTM is a product of F5 Corporation of the U.S. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A service interruption vulnerability exists in multiple F5 products. An attacker could exploit this vulnerability to interrupt the Traffic Management...

5.9CVSS6.5AI score0.00566EPSS

CNVD•added 2017/12/22 12:0 a.m.•0 views

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-01149)

BIG-IP LTM is a product of F5 Corporation of the U.S. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A denial of service vulnerability exists in multiple F5 products. An attacker can exploit this vulnerability by sending a malicious request to cause a...

7.5CVSS6.5AI score0.00662EPSS

CVE•added 2017/12/21 5:0 p.m.•57 views

CVE-2017-6164

Concrete technical details are available: CVE-2017-6164 affects F5 BIG-IP products with TMM Affected: BIG-IP LTM and related modules (AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) on 11.x, 12.x and 13.x lines. Issue: malformed TLS 1.2 record...

8.1CVSS8.1AI score0.02462EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/12/21 5:0 p.m.•22 views

CVE-2017-6136

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause...

5.7AI score0.00566EPSS

Prion•added 2017/11/22 4:29 p.m.•18 views

Code injection

In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel TMM may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4...

4.3CVSS5.7AI score0.01202EPSS

Exploits0References3Affected Software11

OSV•added 2017/11/22 4:29 p.m.•2 views

CVE-2017-6166

5.9CVSS5.8AI score0.01202EPSS

Cvelist•added 2017/11/22 4:0 p.m.•20 views

CVE-2017-6166

5.6AI score0.01202EPSS

Tenable Nessus•added 2017/11/07 12:0 a.m.•44 views

F5 Networks BIG-IP : BIG-IP FastL4 TMM vulnerability (K65615624)

5.9CVSS6AI score0.01202EPSS

CNVD•added 2017/10/30 12:0 a.m.•1 views

F5 BIG-IP Denial of Service Vulnerability (CNVD-2017-35573)

F5 BIG-IP LTM, etc. are products of F5 USA.LTM is a local traffic manager; APM is a suite of solutions that provide secure unified access to business-critical applications and networks.Traffic Management Microkernel TMM is one of the service processes that performs traffic management. A security...

5.9CVSS6.4AI score0.00911EPSS

CNVD•added 2017/10/30 12:0 a.m.•1 views

F5 BIG-IP Denial of Service Vulnerability (CNVD-2017-35571)

F5 BIG-IP is a collection of software and hardware that allows you to control the traffic that passes through your network. A denial of service vulnerability exists in F5 BIG-IP. A remote user can cause the target traffic management microkernel TMM to reboot by sending specially crafted TCP traff...

5.9CVSS6.8AI score0.01522EPSS

CNVD•added 2017/10/30 12:0 a.m.•1 views

F5 BIG-IP Denial of Service Vulnerability (CNVD-2017-35572)

5.9CVSS6.8AI score0.04588EPSS

NVD•added 2017/10/27 2:29 p.m.•13 views

CVE-2017-6160

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers...

5.9CVSS5.7AI score0.04588EPSS

Cvelist•added 2017/10/27 2:0 p.m.•13 views

CVE-2017-6160

5.7AI score0.04588EPSS